Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-4326

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-17 May, 2012 | 10:00
Updated At-07 Aug, 2024 | 00:01
Rejected At-
Credits

The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial of service (system crash) by sending fragmented IPv6 UDP packets to a bridge device.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:17 May, 2012 | 10:00
Updated At:07 Aug, 2024 | 00:01
Rejected At:
▼CVE Numbering Authority (CNA)

The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial of service (system crash) by sending fragmented IPv6 UDP packets to a bridge device.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/50751
vdb-entry
x_refsource_BID
http://downloads.avaya.com/css/P8/documents/100156038
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2011/11/21/10
mailing-list
x_refsource_MLIST
https://github.com/torvalds/linux/commit/a9cf73ea7ff78f52662c8658d93c226effbbedde
x_refsource_CONFIRM
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=682066
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=755584
x_refsource_CONFIRM
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a9cf73ea7ff78f52662c8658d93c226effbbedde
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/50751
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://downloads.avaya.com/css/P8/documents/100156038
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.openwall.com/lists/oss-security/2011/11/21/10
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://github.com/torvalds/linux/commit/a9cf73ea7ff78f52662c8658d93c226effbbedde
Resource:
x_refsource_CONFIRM
Hyperlink: http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
Resource:
x_refsource_CONFIRM
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=682066
Resource:
x_refsource_CONFIRM
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=755584
Resource:
x_refsource_CONFIRM
Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a9cf73ea7ff78f52662c8658d93c226effbbedde
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/50751
vdb-entry
x_refsource_BID
x_transferred
http://downloads.avaya.com/css/P8/documents/100156038
x_refsource_CONFIRM
x_transferred
http://www.openwall.com/lists/oss-security/2011/11/21/10
mailing-list
x_refsource_MLIST
x_transferred
https://github.com/torvalds/linux/commit/a9cf73ea7ff78f52662c8658d93c226effbbedde
x_refsource_CONFIRM
x_transferred
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
x_refsource_CONFIRM
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=682066
x_refsource_CONFIRM
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=755584
x_refsource_CONFIRM
x_transferred
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a9cf73ea7ff78f52662c8658d93c226effbbedde
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/50751
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://downloads.avaya.com/css/P8/documents/100156038
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2011/11/21/10
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://github.com/torvalds/linux/commit/a9cf73ea7ff78f52662c8658d93c226effbbedde
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=682066
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=755584
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a9cf73ea7ff78f52662c8658d93c226effbbedde
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:17 May, 2012 | 11:00
Updated At:29 Apr, 2026 | 01:13

The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial of service (system crash) by sending fragmented IPv6 UDP packets to a bridge device.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.1HIGH
AV:N/AC:M/Au:N/C:N/I:N/A:C
Type: Primary
Version: 2.0
Base score: 7.1
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions before 2.6.39(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Avaya LLC
avaya
>>96x1_ip_deskphone_firmware>>Versions from 6.0.0(inclusive) to 6.6.0(inclusive)
cpe:2.3:o:avaya:96x1_ip_deskphone_firmware:*:*:*:*:*:*:*:*
Avaya LLC
avaya
>>96x1_ip_deskphone>>-
cpe:2.3:h:avaya:96x1_ip_deskphone:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-399Primarynvd@nist.gov
CWE ID: CWE-399
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://downloads.avaya.com/css/P8/documents/100156038secalert@redhat.com
Third Party Advisory
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39secalert@redhat.com
Broken Link
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a9cf73ea7ff78f52662c8658d93c226effbbeddesecalert@redhat.com
N/A
http://www.openwall.com/lists/oss-security/2011/11/21/10secalert@redhat.com
Mailing List
http://www.securityfocus.com/bid/50751secalert@redhat.com
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=682066secalert@redhat.com
Exploit
Issue Tracking
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=755584secalert@redhat.com
Issue Tracking
Third Party Advisory
https://github.com/torvalds/linux/commit/a9cf73ea7ff78f52662c8658d93c226effbbeddesecalert@redhat.com
Patch
Third Party Advisory
http://downloads.avaya.com/css/P8/documents/100156038af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a9cf73ea7ff78f52662c8658d93c226effbbeddeaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openwall.com/lists/oss-security/2011/11/21/10af854a3a-2127-422b-91ae-364da2661108
Mailing List
http://www.securityfocus.com/bid/50751af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=682066af854a3a-2127-422b-91ae-364da2661108
Exploit
Issue Tracking
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=755584af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Third Party Advisory
https://github.com/torvalds/linux/commit/a9cf73ea7ff78f52662c8658d93c226effbbeddeaf854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
Hyperlink: http://downloads.avaya.com/css/P8/documents/100156038
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a9cf73ea7ff78f52662c8658d93c226effbbedde
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2011/11/21/10
Source: secalert@redhat.com
Resource:
Mailing List
Hyperlink: http://www.securityfocus.com/bid/50751
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=682066
Source: secalert@redhat.com
Resource:
Exploit
Issue Tracking
Third Party Advisory
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=755584
Source: secalert@redhat.com
Resource:
Issue Tracking
Third Party Advisory
Hyperlink: https://github.com/torvalds/linux/commit/a9cf73ea7ff78f52662c8658d93c226effbbedde
Source: secalert@redhat.com
Resource:
Patch
Third Party Advisory
Hyperlink: http://downloads.avaya.com/css/P8/documents/100156038
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a9cf73ea7ff78f52662c8658d93c226effbbedde
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2011/11/21/10
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Hyperlink: http://www.securityfocus.com/bid/50751
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=682066
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Issue Tracking
Third Party Advisory
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=755584
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Third Party Advisory
Hyperlink: https://github.com/torvalds/linux/commit/a9cf73ea7ff78f52662c8658d93c226effbbedde
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

66Records found
CVE-2010-0006
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.1||HIGH
EPSS-2.17% / 84.67%
||
7 Day CHG~0.00%
Published-26 Jan, 2010 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when network namespaces are enabled, allows remote attackers to cause a denial of service (NULL pointer dereference) via an invalid IPv6 jumbogram, a related issue to CVE-2007-4567.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2006-4997
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-35.02% / 97.13%
||
7 Day CHG~0.00%
Published-09 Oct, 2006 | 23:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference).

Action-Not Available
Vendor-n/aCanonical Ltd.Red Hat, Inc.Linux Kernel Organization, Inc
Product-ubuntu_linuxlinux_kernelenterprise_linuxn/a
CWE ID-CWE-416
Use After Free
CVE-2009-1360
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-1.77% / 83.04%
||
7 Day CHG~0.00%
Published-22 Apr, 2009 | 15:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel before 2.6.29, when Network Namespace Support (aka NET_NS) is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via vectors involving IPv6 packets.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2005-0449
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-2.27% / 84.97%
||
7 Day CHG~0.00%
Published-16 Feb, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) or bypass firewall rules via crafted packets, which are not properly handled by the skb_checksum_help function.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-14616
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.16% / 36.51%
||
7 Day CHG~0.00%
Published-27 Jul, 2018 | 04:00
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference in fscrypt_do_page_crypto() in fs/crypto/crypto.c when operating on a file in a corrupted f2fs image.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-14612
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 27.07%
||
7 Day CHG~0.00%
Published-27 Jul, 2018 | 04:00
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfs_read_block_groups in fs/btrfs/extent-tree.c, and a lack of empty-tree checks in check_leaf in fs/btrfs/tree-checker.c.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-14610
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 25.85%
||
7 Day CHG~0.00%
Published-27 Jul, 2018 | 04:00
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within btrfs_read_block_groups in fs/btrfs/extent-tree.c.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-14641
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.35% / 80.50%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 13:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A security flaw was found in the ip_frag_reasm() function in net/ipv4/ip_fragment.c in the Linux kernel from 4.19-rc1 to 4.19-rc3 inclusive, which can cause a later system crash in ip_do_fragment(). With certain non-default, but non-rare, configuration of a victim host, an attacker can trigger this crash remotely, thus leading to a remote denial-of-service.

Action-Not Available
Vendor-Linux Kernel Organization, IncThe Linux Foundation
Product-linux_kernelkernel
CWE ID-CWE-456
Missing Initialization of a Variable
CWE ID-CWE-20
Improper Input Validation
CVE-2018-12232
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-3.32% / 87.52%
||
7 Day CHG~0.00%
Published-12 Jun, 2018 | 12:00
Updated-05 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2018-1095
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.15% / 35.67%
||
7 Day CHG~0.00%
Published-02 Apr, 2018 | 03:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux kernel through 4.15.15 does not properly validate xattr sizes, which causes misinterpretation of a size as an error code, and consequently allows attackers to cause a denial of service (get_acl NULL pointer dereference and system crash) via a crafted ext4 image.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kernelLinux kernel through version 4.15
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-1094
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.29% / 52.16%
||
7 Day CHG~0.00%
Published-02 Apr, 2018 | 03:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxlinux_kernelenterprise_linux_workstationenterprise_linux_desktopLinux kernel through version 4.15
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-1000004
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-1.94% / 83.78%
||
7 Day CHG~0.00%
Published-16 Jan, 2018 | 20:00
Updated-05 Aug, 2024 | 12:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2017-5986
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.43% / 62.62%
||
7 Day CHG~0.00%
Published-18 Feb, 2017 | 21:40
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-617
Reachable Assertion
CVE-2017-6259
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.53% / 67.53%
||
7 Day CHG~0.00%
Published-28 Jul, 2017 | 19:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect detection and recovery from an invalid state produced by specific user actions may lead to denial of service.

Action-Not Available
Vendor-FreeBSD FoundationOracle CorporationLinux Kernel Organization, IncNVIDIA Corporation
Product-gpu_driversolarisfreebsdkernelNVIDIA GPU Display Driver
CVE-2014-5077
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.1||HIGH
EPSS-12.78% / 94.16%
||
7 Day CHG~0.00%
Published-01 Aug, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, IncSUSERed Hat, Inc.
Product-ubuntu_linuxlinux_enterprise_desktopenterprise_linux_server_tuslinux_enterprise_real_time_extensionlinux_enterprise_serverenterprise_linux_server_ausenterprise_linux_euslinux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2013-4348
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.1||HIGH
EPSS-4.97% / 89.89%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, Inc
Product-ubuntu_linuxlinux_kerneln/a
  • Previous
  • 1
  • 2
  • Next
Details not found